예제 #1
0
        /// <summary>
        /// 删除权限
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="permissionItemCode">权限编号</param>
        /// <returns>影响行数</returns>
        public int DeletePermission(BaseUserInfo userInfo, string permissionItemCode)
        {
            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            int returnValue = 0;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
                    string id = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
                    if (!String.IsNullOrEmpty(id))
                    {
                        // 在删除时,可能会把相关的其他配置权限会删除掉,所以需要调用这个方法。
                        returnValue = permissionItemManager.Delete(id);
                    }
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            return(returnValue);
        }
        public BasePermissionScopeEntity GetConstraintEntity(string resourceCategory, string resourceId, string tableName, string permissionCode = "Resource.AccessPermission")
        {
            BasePermissionScopeEntity entity = null;

            string permissionId = string.Empty;
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);

            permissionId = permissionItemManager.GetIdByAdd(permissionCode);

            List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();

            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

            // 1:先获取是否有这样的主键,若有进行更新操作。
            BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);
            DataTable dt = manager.GetDataTable(parameters);

            if (dt.Rows.Count > 0)
            {
                entity = new BasePermissionScopeEntity(dt);
            }
            return(entity);
        }
        /// <summary>
        ///
        /// </summary>
        /// <param name="userInfo"></param>
        /// <param name="resourceCategory"></param>
        /// <param name="targetId"></param>
        /// <param name="targetResourceCategory"></param>
        /// <param name="permissionItemCode"></param>
        /// <returns></returns>
        public string[] GetPermissionScopeResourceIds(BaseUserInfo userInfo, string resourceCategory, string targetId, string targetResourceCategory, string permissionItemCode)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            string[] returnValue = null;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
                    string permissionItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));

                    List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, targetId));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionItemId));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, targetResourceCategory));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

                    tableName = BasePermissionScopeEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionScope";
                    }
                    returnValue = DbLogic.GetProperties(dbHelper, tableName, parameters, 0, BasePermissionScopeEntity.FieldResourceId);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif
            return(returnValue);
        }
예제 #4
0
        /// <summary>
        /// 添加操作权限项
        /// </summary>
        /// <param name="userInfo">当前用户</param>
        /// <param name="permissionEntity">权限定义实体</param>
        /// <param name="statusCode">状态码</param>
        /// <param name="statusMessage">状态信息</param>
        /// <returns>主键</returns>
        public string Add(BaseUserInfo userInfo, BasePermissionItemEntity permissionItemEntity, out string statusCode, out string statusMessage)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            statusCode    = string.Empty;
            statusMessage = string.Empty;
            string returnValue = string.Empty;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    // 数据库事务开始
                    // dbHelper.BeginTransaction();
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
                    returnValue = permissionItemManager.Add(permissionItemEntity, out statusCode);
                    // 获得状态消息
                    statusMessage = permissionItemManager.GetStateMessage(statusCode);
                    // 写入日志信息
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionItemService_Add, MethodBase.GetCurrentMethod());
                    // 数据库事务提交
                    // dbHelper.CommitTransaction();
                }
                catch (Exception ex)
                {
                    // 数据库事务回滚
                    // dbHelper.RollbackTransaction();
                    // 记录异常信息
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(returnValue);
        }
        /// <summary>
        /// 用户的所有可授权范围(有授权权限的权限列表)
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="userId">用户主键</param>
        /// <param name="permissionItemCode">权限域编号</param>
        /// <returns>数据表</returns>
        public DataTable GetPermissionItemDTByPermissionScope(BaseUserInfo userInfo, string userId, string permissionItemCode)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
                    string permissionItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
                    // 数据库里没有设置可授权的权限项,系统自动增加一个权限配置项
                    if (String.IsNullOrEmpty(permissionItemId) && permissionItemCode.Equals("Resource.ManagePermission"))
                    {
                        BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
                        permissionItemEntity.Code        = "Resource.ManagePermission";
                        permissionItemEntity.FullName    = "资源管理范围权限(系统默认)";
                        permissionItemEntity.IsScope     = 1;
                        permissionItemEntity.Enabled     = 1;
                        permissionItemEntity.AllowDelete = 0;
                        permissionItemEntity.AllowDelete = 0;
                        permissionItemManager.AddEntity(permissionItemEntity);
                    }
                    dataTable           = permissionItemManager.GetDataTableByUser(userId, permissionItemCode);
                    dataTable.TableName = BasePermissionItemEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionItemDTByPermission, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(dataTable);
        }
        /// <summary>
        /// 获取用户的件约束表达式
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="tableName">表名</param>
        /// <returns>主键</returns>
        public string GetUserConstraint(string tableName, string permissionCode = "Resource.AccessPermission")
        {
            string returnValue = string.Empty;
            // 这里是获取用户的条件表达式
            // 1: 首先用户在哪些角色里是有效的?
            // 2: 这些角色都有哪些哪些条件约束?
            // 3: 组合约束条件?
            // 4:用户本身的约束条件?
            string permissionId = string.Empty;
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);

            permissionId = permissionItemManager.GetIdByAdd(permissionCode);

            BaseUserManager manager = new BaseUserManager(this.DbHelper, this.UserInfo);

            string[] roleIds = manager.GetAllRoleIds(UserInfo.Id);
            if (roleIds == null || roleIds.Length == 0)
            {
                return(returnValue);
            }
            BasePermissionScopeManager scopeManager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);

            List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();

            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, BaseRoleEntity.TableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, roleIds));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, 1));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

            DataTable dtPermissionScope    = scopeManager.GetDataTable(parameters);
            string    permissionConstraint = string.Empty;

            foreach (DataRow dataRow in dtPermissionScope.Rows)
            {
                permissionConstraint = dataRow[BasePermissionScopeEntity.FieldPermissionConstraint].ToString();
                permissionConstraint = permissionConstraint.Trim();
                if (!string.IsNullOrEmpty(permissionConstraint))
                {
                    returnValue += " AND " + permissionConstraint;
                }
            }
            if (!string.IsNullOrEmpty(returnValue))
            {
                returnValue = returnValue.Substring(5);
                // 解析替换约束表达式标准函数
                returnValue = ConstraintUtil.PrepareParameter(this.UserInfo, returnValue);
            }

            return(returnValue);
        }
예제 #7
0
        /// <summary>
        /// 用户角色关系是否有模块权限
        /// </summary>
        /// <param name="roleId">角色主键</param>
        /// <param name="permissionItemCode">权限编号</param>
        /// <returns>有角色权限</returns>
        public bool CheckPermissionByRole(string roleId, string permissionItemCode)
        {
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo);
            string permissionItemId = permissionItemManager.GetProperty(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode), BasePermissionItemEntity.FieldId);

            // 判断当前判断的权限是否存在,否则很容易出现前台设置了权限,后台没此项权限
            // 需要自动的能把前台判断过的权限,都记录到后台来
            #if (DEBUG)
            if (String.IsNullOrEmpty(permissionItemId))
            {
                BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
                permissionItemEntity.Code              = permissionItemCode;
                permissionItemEntity.FullName          = permissionItemCode;
                permissionItemEntity.ParentId          = string.Empty;
                permissionItemEntity.IsScope           = 0;
                permissionItemEntity.AllowDelete       = 1;
                permissionItemEntity.AllowEdit         = 1;
                permissionItemEntity.DeletionStateCode = 0;
                permissionItemEntity.Enabled           = 1;
                // 这里是防止主键重复?
                // permissionEntity.ID = BaseBusinessLogic.NewGuid();
                permissionItemManager.AddEntity(permissionItemEntity);
            }
            else
            {
                // 更新最后一次访问日期,设置为当前服务器日期
                SQLBuilder sqlBuilder = new SQLBuilder(DbHelper);
                sqlBuilder.BeginUpdate(this.CurrentTableName);
                sqlBuilder.SetDBNow(BasePermissionItemEntity.FieldLastCall);
                sqlBuilder.SetWhere(BasePermissionItemEntity.FieldId, permissionItemId);
                sqlBuilder.EndUpdate();
            }
            #endif

            if (string.IsNullOrEmpty(permissionItemId))
            {
                return(false);
            }
            string sqlQuery = " SELECT COUNT(*) "
                              + "   FROM " + this.CurrentTableName
                              + "  WHERE " + "(" + BasePermissionEntity.FieldResourceCategory + " = '" + BaseRoleEntity.TableName + "') "
                              + "        AND (" + BasePermissionEntity.FieldEnabled + " = 1) "
                              + "        AND (" + BasePermissionEntity.FieldResourceId + " = '" + roleId + "' ) "
                              + "        AND (" + BasePermissionEntity.FieldPermissionItemId + " = '" + permissionItemId + "') ";
            int    rowCount     = 0;
            object returnObject = DbHelper.ExecuteScalar(sqlQuery);
            if (returnObject != null)
            {
                rowCount = int.Parse(returnObject.ToString());
            }
            return(rowCount > 0);
        }
예제 #8
0
        public new string GetIdByCode(string permissionItemCode)
        {
            string tableName = BasePermissionScopeEntity.TableName;

            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionItem";
            }
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, this.UserInfo, tableName);

            // 这里应该是若不存在就自动加一个操作权限
            return(permissionItemManager.GetIdByAdd(permissionItemCode));
        }
예제 #9
0
        /// <summary>
        /// 按父节点获取列表
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="parentId">父节点主键</param>
        /// <returns>数据表</returns>
        public DataTable GetDataTableByParent(BaseUserInfo userInfo, string parentId)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);

                    List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldParentId, parentId));
                    parameters.Add(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));

                    dataTable           = permissionItemManager.GetDataTable(parameters, BasePermissionItemEntity.FieldSortCode);
                    dataTable.TableName = BasePermissionItemEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionItemService_GetDataTableByParent, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(dataTable);
        }
예제 #10
0
        /// <summary>
        /// 获取实体
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="id">主键</param>
        /// <returns>实体</returns>
        public BasePermissionItemEntity GetEntity(BaseUserInfo userInfo, string id)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    // 创建实现类
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
                    DataTable returnDataTable = new DataTable(BasePermissionItemEntity.TableName);
                    returnDataTable      = permissionItemManager.GetDataTableById(id);
                    permissionItemEntity = new BasePermissionItemEntity(returnDataTable);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionItemService_GetEntity, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(permissionItemEntity);
        }
예제 #11
0
        /// <summary>
        /// 批量移动实体
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="permissionItemIds">权限项主键数组</param>
        /// <param name="parentId">父主键</param>
        /// <returns>影响行数</returns>
        public int BatchMoveTo(BaseUserInfo userInfo, string[] permissionItemIds, string parentId)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            int returnValue = 0;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
                    for (int i = 0; i < permissionItemIds.Length; i++)
                    {
                        returnValue += permissionItemManager.MoveTo(permissionItemIds[i], parentId);
                    }
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionItemService_BatchMoveTo, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(returnValue);
        }
예제 #12
0
        /// <summary>
        /// 获取委托列表
        /// </summary>
        /// <param name="permissionItemCode">操作权限编号</param>
        /// <param name="userId">用户主键</param>
        /// <returns>数据表</returns>
        public DataTable GetAuthorizeDT(string permissionItemCode, string userId = null)
        {
            if (userId == null)
            {
                userId = this.UserInfo.Id;
            }
            // 获取别人委托我的列表
            string permissionItemId = string.Empty;
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);

            permissionItemId = permissionItemManager.GetIdByCode(permissionItemCode);
            BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(this.UserInfo);

            string[] names = new string[] {
                BasePermissionScopeEntity.FieldDeletionStateCode
                , BasePermissionScopeEntity.FieldEnabled
                , BasePermissionScopeEntity.FieldResourceCategory
                , BasePermissionScopeEntity.FieldPermissionItemId
                , BasePermissionScopeEntity.FieldTargetCategory
                , BasePermissionScopeEntity.FieldTargetId
            };
            Object[] values = new Object[] { 0, 1, BaseUserEntity.TableName, permissionItemId, BaseUserEntity.TableName, userId };
            // 排除过期的,此方法有性能问题,已经放到后台的Sql中处理。 comment by zgl on 2011-10-27
            //DataTable dt = permissionScopeManager.GetDataTable(names, values);
            //for (int i = 0; i < dt.Rows.Count; i++)
            //{
            //    if (!string.IsNullOrEmpty(dt.Rows[i][BasePermissionScopeEntity.FieldEndDate].ToString()))
            //    {
            //        // 过期的不显示
            //        if (DateTime.Parse(dt.Rows[i][BasePermissionScopeEntity.FieldEndDate].ToString()).Date < DateTime.Now.Date)
            //        {
            //            dt.Rows.RemoveAt(i);
            //            // dt 行数会减少
            //            i--;
            //        }
            //    }
            //}

            //排除过期的,已经放到后台的Sql中处理。
            DataTable dt = permissionScopeManager.GetAuthoriedList(BaseUserEntity.TableName, permissionItemId, BaseUserEntity.TableName, userId);

            string[]        userIds     = BaseBusinessLogic.FieldToArray(dt, BasePermissionScopeEntity.FieldResourceId);
            BaseUserManager userManager = new BaseUserManager(this.UserInfo);

            return(userManager.GetDataTable(userIds));
        }
        /// <summary>
        /// 设置约束条件
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="resourceCategory">资源类别</param>
        /// <param name="resourceId">资源主键</param>
        /// <param name="tableName">表名</param>
        /// <param name="constraint">约束</param>
        /// <param name="enabled">有效</param>
        /// <param name="permissionCode">操作权限项</param>
        /// <returns>主键</returns>
        public string SetConstraint(string resourceCategory, string resourceId, string tableName, string permissionCode, string constraint, bool enabled = true)
        {
            string returnValue = string.Empty;

            string permissionId = string.Empty;
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);

            permissionId = permissionItemManager.GetIdByAdd(permissionCode);

            List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();

            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceCategory, resourceCategory));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldResourceId, resourceId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetCategory, "Table"));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldTargetId, tableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionItemId, permissionId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldDeletionStateCode, 0));

            BasePermissionScopeManager manager = new BasePermissionScopeManager(this.DbHelper, this.UserInfo);

            // 1:先获取是否有这样的主键,若有进行更新操作。
            // 2:若没有进行添加操作。
            returnValue = manager.GetId(parameters);
            if (!string.IsNullOrEmpty(returnValue))
            {
                parameters = new List <KeyValuePair <string, object> >();
                parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldPermissionConstraint, constraint));
                parameters.Add(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldEnabled, enabled ? 1 : 0));
                manager.SetProperty(new KeyValuePair <string, object>(BasePermissionScopeEntity.FieldId, returnValue), parameters);
            }
            else
            {
                BasePermissionScopeEntity entity = new BasePermissionScopeEntity();
                entity.ResourceCategory     = resourceCategory;
                entity.ResourceId           = resourceId;
                entity.TargetCategory       = "Table";
                entity.TargetId             = tableName;
                entity.PermissionConstraint = constraint;
                entity.PermissionId         = int.Parse(permissionId);
                entity.DeletionStateCode    = 0;
                entity.Enabled = enabled ? 1: 0;
                returnValue    = manager.Add(entity);
            }
            return(returnValue);
        }
예제 #14
0
        /// <summary>
        /// 判断用户是否有有相应的权限
        /// </summary>
        /// <param name="userId">用户主键</param>
        /// <param name="permissionItemCode">权限编号</param>
        /// <returns>有权限</returns>
        public bool CheckPermission(string userId, string permissionItemCode)
        {
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper);
            string permissionItemId = permissionItemManager.GetIdByCode(permissionItemCode);

            // 没有找到相应的权限
            if (String.IsNullOrEmpty(permissionItemId))
            {
                return(false);
            }

            List <KeyValuePair <string, object> > parameters = new List <KeyValuePair <string, object> >();

            parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceCategory, BaseUserEntity.TableName));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldResourceId, userId));
            parameters.Add(new KeyValuePair <string, object>(BasePermissionEntity.FieldEnabled, "1"));
            return(DbLogic.Exists(DbHelper, this.CurrentTableName, parameters));
        }
예제 #15
0
        /// <summary>
        /// 获取关联的权限项列表
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="moduleId">主键</param>
        /// <returns>数据表</returns>
        public DataTable GetPermissionDT(BaseUserInfo userInfo, string moduleId)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BasePermissionModuleManager modulePermissionManager = new BasePermissionModuleManager(dbHelper, userInfo);
                    string[] ids = modulePermissionManager.GetPermissionIds(moduleId);
                    BasePermissionItemManager permissionAdminManager = new BasePermissionItemManager(dbHelper, userInfo);
                    dataTable           = permissionAdminManager.GetDataTable(ids);
                    dataTable.TableName = BasePermissionItemEntity.TableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.ModuleService_GetPermissionDT, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(dataTable);
        }
예제 #16
0
        /////////////////////////////////////////////////////////////////////////////////////////////////////////
        /// 测试权限用的
        /////////////////////////////////////////////////////////////////////////////////////////////////////////


        #region public string AddPermission(BaseUserInfo userInfo, string permissionCode)
        /// <summary>
        /// 添加操作权限
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="permissionCode">权限编号</param>
        /// <returns>主键</returns>
        public string AddPermission(BaseUserInfo userInfo, string permissionCode)
        {
            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            string returnValue = string.Empty;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
                    string statusCode = string.Empty;
                    BasePermissionItemEntity permissionItemEntity = new BasePermissionItemEntity();
                    permissionItemEntity.Code        = permissionCode;
                    permissionItemEntity.Enabled     = 1;
                    permissionItemEntity.AllowDelete = 1;
                    permissionItemEntity.AllowEdit   = 1;
                    permissionItemEntity.IsScope     = 0;
                    returnValue = permissionItemManager.Add(permissionItemEntity, out statusCode);
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.MSG0091, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            return(returnValue);
        }
예제 #17
0
        /// <summary>
        /// 撤销角色权限
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="roleName">角色名</param>
        /// <param name="permissionItemCode">权限编号</param>
        /// <returns>主键</returns>
        public int RevokeRolePermission(BaseUserInfo userInfo, string roleName, string permissionItemCode)
        {
            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            int returnValue = 0;
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    BaseRoleManager           roleManager           = new BaseRoleManager(dbHelper, userInfo);
                    string                    roleId                = roleManager.GetId(new KeyValuePair <string, object>(BaseRoleEntity.FieldRealName, roleName));
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo);
                    string                    permissionItemId      = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionItemCode));
                    if (!String.IsNullOrEmpty(roleId) && !String.IsNullOrEmpty(permissionItemId))
                    {
                        BaseRolePermissionManager rolePermissionManager = new BaseRolePermissionManager(dbHelper, userInfo);
                        returnValue = rolePermissionManager.Revoke(roleId, permissionItemId);
                    }
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            return(returnValue);
        }
예제 #18
0
        /// <summary>
        /// 获得某个用户的所有权限列表
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="userId">用户主键</param>
        /// <returns>数据表</returns>
        public DataTable GetPermissionDTByUser(BaseUserInfo userInfo, string userId)
        {
            // 写入调试信息
            #if (DEBUG)
            int milliStart = BaseBusinessLogic.StartDebug(userInfo, MethodBase.GetCurrentMethod());
            #endif

            // 加强安全验证防止未授权匿名调用
            #if (!DEBUG)
            LogOnService.UserIsLogOn(userInfo);
            #endif

            DataTable dataTable = new DataTable(BasePermissionItemEntity.TableName);
            using (IDbHelper dbHelper = DbHelperFactory.GetHelper(BaseSystemInfo.UserCenterDbType))
            {
                try
                {
                    dbHelper.Open(UserCenterDbConnection);
                    string tableName = BasePermissionItemEntity.TableName;
                    if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                    {
                        tableName = BaseSystemInfo.SystemCode + "PermissionItem";
                    }
                    // 是否超级管理员
                    BaseUserManager           userManager           = new BaseUserManager(dbHelper, userInfo);
                    BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(dbHelper, userInfo, tableName);
                    if (userManager.IsAdministrator(userId))
                    {
                        dataTable = permissionItemManager.GetDataTable();
                    }
                    else
                    {
                        tableName = BasePermissionEntity.TableName;
                        if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
                        {
                            tableName = BaseSystemInfo.SystemCode + "Permission";
                        }
                        BasePermissionManager permissionManager = new BasePermissionManager(dbHelper, userInfo, tableName);
                        string[] ids = permissionManager.GetPermissionIdsByUser(userId);
                        // 若是以前赋予的权限,后来有些权限设置为无效了,那就不应该再获取哪些无效的权限才对。
                        // bug修正:没有赋值DataTable,导致返回值空
                        dataTable = permissionItemManager.GetDataTable(
                            new KeyValuePair <string, object>(BasePermissionItemEntity.FieldId, ids)
                            , new KeyValuePair <string, object>(BasePermissionItemEntity.FieldEnabled, 1)
                            , new KeyValuePair <string, object>(BasePermissionItemEntity.FieldDeletionStateCode, 0));
                    }
                    dataTable.TableName = tableName;
                    BaseLogManager.Instance.Add(dbHelper, userInfo, this.serviceName, AppMessage.PermissionService_GetPermissionDTByUser, MethodBase.GetCurrentMethod());
                }
                catch (Exception ex)
                {
                    BaseExceptionManager.LogException(dbHelper, userInfo, ex);
                    throw ex;
                }
                finally
                {
                    dbHelper.Close();
                }
            }

            // 写入调试信息
            #if (DEBUG)
            BaseBusinessLogic.EndDebug(MethodBase.GetCurrentMethod(), milliStart);
            #endif

            return(dataTable);
        }
예제 #19
0
        //
        // ResourcePermission 权限判断
        //

        #region public bool CheckPermissionByUser(string userId, string permissionItemCode, string permissionItemName = null) 是否有相应的权限
        /// <summary>
        /// 是否有相应的权限
        /// </summary>
        /// <param name="userId">用户主键</param>
        /// <param name="permissionItemCode">权限编号</param>
        /// <param name="permissionItemName">权限名称</param>
        /// <returns>是否有权限</returns>
        public bool CheckPermissionByUser(string userId, string permissionItemCode, string permissionItemName = null)
        {
            // 若不存在就需要自动能增加一个操作权限项
            string tableName = BasePermissionItemEntity.TableName;

            if (!string.IsNullOrEmpty(BaseSystemInfo.SystemCode))
            {
                tableName = BaseSystemInfo.SystemCode + "PermissionItem";
            }
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(DbHelper, UserInfo, tableName);
            string permissionItemId = permissionItemManager.GetIdByAdd(permissionItemCode, permissionItemName);
            BasePermissionItemEntity permissionItemEntity = permissionItemManager.GetEntity(permissionItemId);

            // 先判断用户类别
            if (UserInfo.IsAdministrator)
            {
                return(true);
            }

            // 没有找到相应的权限
            if (String.IsNullOrEmpty(permissionItemId))
            {
                return(false);
            }

            // 这里需要判断,是系统权限?
            bool            returnValue = false;
            BaseUserManager userManager = new BaseUserManager(this.DbHelper, this.UserInfo);

            if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("System"))
            {
                // 用户管理员
                returnValue = userManager.IsInRoleByCode(userId, "UserAdmin");
                if (returnValue)
                {
                    return(returnValue);
                }
            }

            // 这里需要判断,是业务权限?
            if (!string.IsNullOrEmpty(permissionItemEntity.CategoryCode) && permissionItemEntity.CategoryCode.Equals("Application"))
            {
                returnValue = userManager.IsInRoleByCode(userId, "Admin");
                if (returnValue)
                {
                    return(returnValue);
                }
            }

            // 判断用户权限
            if (this.CheckUserPermission(userId, permissionItemId))
            {
                return(true);
            }
            // 判断用户角色权限
            if (this.CheckUserRolePermission(userId, permissionItemId))
            {
                return(true);
            }

            // 判断用户组织机构权限,这里有开关是为了提高性能用的,
            // 下面的函数接着还可以提高性能,可以进行一次判断就可以了,其实不用执行4次判断,浪费I/O,浪费性能。
            if (BaseSystemInfo.UseOrganizePermission)
            {
                if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.WorkgroupId))
                {
                    return(true);
                }
                else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.DepartmentId))
                {
                    return(true);
                }
                else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.SubCompanyId))
                {
                    return(true);
                }
                else if (this.CheckUserOrganizePermission(userId, permissionItemId, this.UserInfo.CompanyId))
                {
                    return(true);
                }
            }

            return(false);
        }
        /// <summary>
        /// 获取约束条件(所有的约束)
        /// </summary>
        /// <param name="userInfo">用户</param>
        /// <param name="resourceCategory">资源类别</param>
        /// <param name="resourceId">资源主键</param>
        /// <returns>数据表</returns>
        public DataTable GetConstraintDT(string resourceCategory, string resourceId, string permissionCode = "Resource.AccessPermission")
        {
            DataTable dataTable = new DataTable(BaseTableColumnsEntity.TableName);

            /*
             * -- 这里是都有哪些表?
             * SELECT ItemValue, ItemName
             * FROM ItemsTablePermissionScope
             * WHERE (DeletionStateCode = 0)
             * AND (Enabled = 1)
             * ORDER BY ItemsTablePermissionScope.SortCode
             */

            /*
             * -- 这里是都有有哪些表达式
             * SELECT     Id, TargetId, PermissionConstraint   -- 对什么表有什么表达式?
             * FROM         BasePermissionScope
             * WHERE (ResourceId = 10000000)
             * AND (ResourceCategory = 'BaseRole')   -- 什么角色?
             * AND (TargetId = 'BaseUser')
             * AND (TargetCategory = 'Table')
             * AND (PermissionId = 10000001)  -- 有什么权限?(资源访问权限)
             * AND (DeletionStateCode = 0)
             * AND (Enabled = 1)
             */

            string permissionId = string.Empty;
            BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.UserInfo);

            permissionId = permissionItemManager.GetIdByAdd(permissionCode);

            string sqlQuery = @" SELECT BasePermissionScope.Id
		                                    , ItemsTablePermissionScope.ItemValue AS TableCode
		                                    , ItemsTablePermissionScope.ItemName AS TableName
		                                    , BasePermissionScope.PermissionConstraint
		                                    , ItemsTablePermissionScope.SortCode
                                    FROM  (
	                                    SELECT ItemValue
		                                     , ItemName
		                                     , SortCode
	                                    FROM ItemsTablePermissionScope
                                       WHERE (DeletionStateCode = 0) 
		                                      AND (Enabled = 1)                                              
                                        ) AS ItemsTablePermissionScope LEFT OUTER JOIN
                                        (SELECT Id
			                                    , TargetId
			                                    , PermissionConstraint  
                                           FROM BasePermissionScope
                                         WHERE (ResourceCategory = '" + resourceCategory + @"') 
			                                    AND (ResourceId = "             + resourceId + @") 
			                                    AND (TargetCategory = 'Table') 
			                                    AND (PermissionId = "             + permissionId.ToString() + @") 
			                                    AND (DeletionStateCode = 0) 
			                                    AND (Enabled = 1)
	                                     ) AS BasePermissionScope 
                                    ON ItemsTablePermissionScope.ItemValue = BasePermissionScope.TargetId
                                    ORDER BY ItemsTablePermissionScope.SortCode ";

            dataTable           = this.Fill(sqlQuery);
            dataTable.TableName = BaseTableColumnsEntity.TableName;

            return(dataTable);
        }
예제 #21
0
        public DataTable Search(string permissionScopeItemCode, string search, string[] roleIds, bool?enabled, string auditStates, string departmentId)
        {
            search = StringUtil.GetSearchString(search);
            string sqlQuery = " SELECT " + BaseUserEntity.TableName + ".* "
                              + "," + BaseRoleEntity.TableName + "." + BaseRoleEntity.FieldRealName + " AS RoleName "
                              + " FROM " + BaseUserEntity.TableName
                              + "      LEFT OUTER JOIN " + BaseRoleEntity.TableName
                              + "      ON " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRoleId + " = " + BaseRoleEntity.TableName + "." + BaseRoleEntity.FieldId
                              // 被删除的排出在外比较好一些
                              + " WHERE " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDeletionStateCode + " = 0 "
                              + " AND " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldIsVisible + " = 1 ";

            if (!String.IsNullOrEmpty(search))
            {
                sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldUserName + " LIKE '" + search + "'"
                            + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCode + " LIKE '" + search + "'"
                            + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRealName + " LIKE '" + search + "'"
                            + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldQuickQuery + " LIKE '" + search + "'"
                            + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentName + " LIKE '" + search + "'"
                            + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDescription + " LIKE '" + search + "')";
            }
            if (!string.IsNullOrEmpty(departmentId))
            {
                BaseOrganizeManager organizeManager = new BaseOrganizeManager(this.DbHelper, this.UserInfo);
                string[]            organizeIds     = organizeManager.GetChildrensId(BaseOrganizeEntity.FieldId, departmentId, BaseOrganizeEntity.FieldParentId);
                if (organizeIds != null && organizeIds.Length > 0)
                {
                    sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCompanyId + " IN (" + StringUtil.ArrayToList(organizeIds) + ")"
                                + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentId + " IN (" + StringUtil.ArrayToList(organizeIds) + ")"
                                + " OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldWorkgroupId + " IN (" + StringUtil.ArrayToList(organizeIds) + "))";
                }
            }
            if (!String.IsNullOrEmpty(auditStates))
            {
                sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldAuditStatus + " = '" + auditStates + "')";
            }
            if (enabled != null)
            {
                sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldEnabled + " = " + ((bool)enabled ? 1:0) + ")";
            }
            if ((roleIds != null) && (roleIds.Length > 0))
            {
                string roles = StringUtil.ArrayToList(roleIds, "'");
                sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldRoleId + " IN (" + roles + ") ";
                sqlQuery += "      OR " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " IN (" + "SELECT " + BaseUserRoleEntity.FieldUserId + " FROM " + BaseUserRoleEntity.TableName + " WHERE " + BaseUserRoleEntity.FieldRoleId + " IN (" + roles + ")" + "))";
            }

            // 是否过滤用户, 获得组织机构列表, 这里需要一个按用户过滤得功能
            if ((!UserInfo.IsAdministrator) && (BaseSystemInfo.UsePermissionScope))
            {
                // string permissionScopeItemCode = "Resource.ManagePermission";
                BasePermissionItemManager permissionItemManager = new BasePermissionItemManager(this.DbHelper, this.UserInfo);
                string permissionScopeItemId = permissionItemManager.GetId(new KeyValuePair <string, object>(BasePermissionItemEntity.FieldCode, permissionScopeItemCode));
                if (!string.IsNullOrEmpty(permissionScopeItemId))
                {
                    // 从小到大的顺序进行显示,防止错误发生
                    BaseUserScopeManager userPermissionScopeManager = new BaseUserScopeManager(this.DbHelper, this.UserInfo);
                    string[]             organizeIds = userPermissionScopeManager.GetOrganizeIds(this.UserInfo.Id, permissionScopeItemId);

                    // 没有任何数据权限
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.None).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " = NULL ) ";
                    }
                    // 按详细设定的数据
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.Detail).ToString()))
                    {
                        BasePermissionScopeManager permissionScopeManager = new BasePermissionScopeManager(DbHelper, UserInfo);
                        string[] userIds = permissionScopeManager.GetUserIds(UserInfo.Id, permissionScopeItemCode);
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " IN (" + BaseBusinessLogic.ObjectsToList(userIds) + ")) ";
                    }
                    // 自己的数据,仅本人
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.User).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldId + " = " + this.UserInfo.Id + ") ";
                    }
                    // 用户所在工作组数据
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserWorkgroup).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldWorkgroupId + " = " + this.UserInfo.WorkgroupId + ") ";
                    }
                    // 用户所在部门数据
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserDepartment).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldDepartmentId + " = " + this.UserInfo.DepartmentId + ") ";
                    }
                    // 用户所在分支机构数据
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserSubCompany).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldSubCompanyId + " = " + this.UserInfo.SubCompanyId + ") ";
                    }
                    // 用户所在公司数据
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.UserCompany).ToString()))
                    {
                        sqlQuery += " AND (" + BaseUserEntity.TableName + "." + BaseUserEntity.FieldCompanyId + " = " + this.UserInfo.CompanyId + ") ";
                    }
                    // 全部数据,这里就不用设置过滤条件了
                    if (StringUtil.Exists(organizeIds, ((int)PermissionScope.All).ToString()))
                    {
                    }
                }
            }
            sqlQuery += " ORDER BY " + BaseUserEntity.TableName + "." + BaseUserEntity.FieldSortCode;
            return(DbHelper.Fill(sqlQuery));
        }